int CheckPosixLinuxACL(char *file_path, Acl acl, Attributes a, Promise *pp)
{
if (!CheckPosixLinuxAccessACEs(acl.acl_entries, acl.acl_method, file_path, a, pp))
{
cfPS(OUTPUT_LEVEL_ERROR, CF_FAIL, "", pp, a, " !! Failed checking access ACL on %s", file_path);
PromiseRef(OUTPUT_LEVEL_ERROR, pp);
return false;
}
if (IsDir(file_path))
{
if (!CheckPosixLinuxInheritACEs
(acl.acl_inherit_entries, acl.acl_method, acl.acl_directory_inherit, file_path, a, pp))
{
cfPS(OUTPUT_LEVEL_ERROR, CF_FAIL, "", pp, a, " !! Failed checking inheritance ACL on %s", file_path);
PromiseRef(OUTPUT_LEVEL_ERROR, pp);
return false;
}
}
return true;
}
PromiseResult CheckPosixLinuxACL(EvalContext *ctx, const char *file_path, Acl acl, Attributes a, const Promise *pp)
{
PromiseResult result = PROMISE_RESULT_NOOP;
if (!CheckPosixLinuxAccessACEs(ctx, acl.acl_entries, acl.acl_method, file_path, a, pp, &result))
{
cfPS(ctx, LOG_LEVEL_ERR, PROMISE_RESULT_FAIL, pp, a, "Failed checking access ACL on %s", file_path);
PromiseRef(LOG_LEVEL_ERR, pp);
return PROMISE_RESULT_FAIL;
}
if (IsDir(file_path))
{
if (!CheckPosixLinuxDefaultACEs(ctx, acl.acl_default_entries, acl.acl_method, acl.acl_default,
file_path, a, pp, &result))
{
cfPS(ctx, LOG_LEVEL_ERR, PROMISE_RESULT_FAIL, pp, a, "Failed checking default ACL on '%s'", file_path);
PromiseRef(LOG_LEVEL_ERR, pp);
return PROMISE_RESULT_FAIL;
}
}
return PROMISE_RESULT_NOOP;
}
